Secure Blink threat intelligence
Threat Feeds
A threat feed archive for breach coverage, exploitation alerts, and the operational signals security teams need to scan fast.
Secure Blink threat intelligence
A threat feed archive for breach coverage, exploitation alerts, and the operational signals security teams need to scan fast.
Secure Blink threat intelligence
Real-time cyber threat intelligence covering ransomware campaigns, active threat actors, exploited vulnerabilities, malware infrastructure, phishing operations, and emerging attack activity worldwide.
Access operational intelligence through searchable feeds and TAXII-compatible formats designed for security operations, threat hunting, and cyber defense teams.
2256+
Threat briefs
21
Topic clusters
2026
Latest cycle

Backdoor.Daxin, the kernel-mode rootkit Symantec once called the most advanced tool ever tied to a China-linked espionage actor, has been found running again

148 malicious npm packages masquerading as student proxy and school Wi-Fi bypass tools. Rather than compromising developers during installation

Suspected China and India nexus actors both compromised Balochistan Police systems, planting malware in a public complaint portal used by citizens.

A security researcher demonstrated how three patched OpenClaw vulnerabilities can be chained from a WhatsApp message to achieve credential theft, sandbox escape, and host-level code execution, exposing architectural risks in AI agents.

Millions of driver's license records were exposed in a massive data breach, raising identity theft risks and highlighting critical data security failures.

U.S. Army recruiting pages hijacked to display fake 404 errors reading ‘Kurdistan’, exploiting a third-party tool and exposing .mil web security gaps.

A single ClickFix infrastructure is pushing StealC, Amatera, Remus, NetSupport, CastleLoader and a new loader called ResiLoader through fake Google/Cloudflare checks.

DHS confirms a breach of its HSIN intelligence-sharing network during World Cup security operations; a senator warns of national security risk

Polymarket's hack losses climb to $3.1M across 11 wallets as the platform faces a federal probe into deceptive marketing, even after pledging full refunds.

A third-party software flaw inside one of Japan's largest telcos exposed login credentials for up to 14.2 million email accounts across six ISPs. The passwords? Some were hashed. Some may not have been

Hackers exploited a four-year-old credential in Klue's systems to steal customer data, impacting LastPass and several cybersecurity firms in a supply chain breach

A ransomware gang called World Leaks walked out with over 200,000 files from one of Apple's most critical iPhone suppliers.
Threatspy helps teams detect exploitable vulnerabilities, reduce security noise, and build security directly into development workflows.